[Cryptography] Signal Security / Secure Chat Metadata Traffic Analysis Generally
arxlight
arxlight at arx.li
Sun Oct 29 04:42:58 EDT 2023
I have always been of the mind that quite a bit of probative information
regarding the actual security of various secure chat applications, their
implementation, and the actual use habits of their users as these impact
practical, realized security, can be found in the sorts of evidentiary
material related to these applications that eventually finds its way
into the court system. In the case of high-profile criminal prosecutions
(particularly of the U.S. variety) the exhibits that result are the
fruits of a very robust threat model. I am perhaps dating myself to
observe that this has been a bit of a tradition on the list, though an
old one, by remembering some discussion in here, not entirely
tongue-in-cheek, about the utility of using "Ken Starr units" as a
threat model measure.
When I had more time on my hands I made it a habit to peruse complaints
and exhibits involving the larger international drug smuggling
prosecutions in this vein.
So, it is difficult not to think that there is quite a bit to suss out
of "Government Exhibit 1083 - 'Signal Groups Samuel Bankman-Fried
Participated in from 2020 to 2022,'" filed with the United States
District Court for the Southern District of New York in the matter of
The United States of America v. Samuel Bankman-Fried (a/k/a "SBF"). Not
finding any restrictions on attachments in the list rules and since the
.pdf file is small, I attach it here.
I don't want to lead too severely any discussion that might follow here
but I found it rather interesting that over the course of a few days in
November of 2022, Signal's Auto Deletion feature was, according to the
document, turned off on dozens of the 325 listed groups. Perhaps some
panicked compliance official persuaded the FTX team (or SBF himself?)
that this feature was legally dangerous? As far as I can tell, Joe
Bankman was the only actual lawyer listed as a participant in these
various groups. Mr. Bankman-Fried was arrested in the Bahamas December
12, 2022. Perhaps he had criminal defense counsel a month earlier who
warned about the hazards of spoliation?
Of course, all the government needed (I think?) to recover this chat
information was SBF's unlocked (or locked, if they had the capacity to
break in) phone, but it will be interesting to see exactly how the
material is developed and if more material comes to light.
In the interim, I'm quite interested to learn what the list gleans from
this document.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: GX-1083.pdf
Type: application/pdf
Size: 289818 bytes
Desc: not available
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20231029/e6c7c052/attachment-0001.pdf>
More information about the cryptography
mailing list